letro/letro-authentication-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
1,938 Commits 2 Branches 1 Tag
96fd597fef3e9dd514b44d8dcebffcdb00a6ffc0
Commit Graph

1938 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Hugh Nimmo-Smith
4eea6ca1cc Compound doesn't have a value for bold so use semibold instead 2023-09-01 15:22:42 +02:00
Hugh Nimmo-Smith
75485ba97c Email verification template changes (#1667) 2023-09-01 13:20:23 +01:00
Hugh Nimmo-Smith
d3df659640 Standardise consent screens (#1674) 2023-09-01 13:19:33 +01:00
Kerry
5a8f05e518 Implement MSC2965 action parameter (#1673) 
* redirect session_end action to session detail

* fix react key warning in oauth session detail

* move Route type to /routing

* test getRouteActionRedirection

* comment

* frontend: Split the routing-related stuff in multiple files under routing/

* frontend: Cover all the redirections defined by MSC2965

* frontend: fix test

* Make the backend keep query parameters through login to the /account/ interface

* Fix frontend tests & clippy lints

---------

Co-authored-by: Quentin Gliech <quenting@element.io>
 2023-09-01 09:42:50 +00:00
Quentin Gliech
19df3dd019 graphql: admin API to add a user, lock them, and add emails without verification 2023-09-01 11:34:58 +02:00
Kerry
08fe0e6441 Add more information to session detail page (#1659) 
* rename `session` route to `browser-sessions`

* add session detail route

* stubbed route with userid

* get session and display as session tile on session detail page

* improve error message

* useMemo instead of ref

* oauth session detail page

* compat session detail

* link to session detail from compat and oauth sessions
 2023-08-31 21:59:41 +00:00
Quentin Gliech
00a4508d87 Rename the 'hack' configuration section to 'experimental' 2023-08-31 18:05:00 +02:00
Quentin Gliech
8d0cf9fdbf Make the access tokens TTL configurable 2023-08-31 18:05:00 +02:00
Quentin Gliech
8ea98eb917 frontend: fix compatibility session crash & simplify the redirect URI 2023-08-31 15:03:50 +02:00
Quentin Gliech
b9fae6fe0f Allow HTTPS redirectors for native apps 2023-08-31 14:20:21 +02:00
Quentin Gliech
80b3398424 Make the email verification state more configurable on upstream OAuth 2.0 registration 
This also marks the email as primary
 2023-08-31 14:20:06 +02:00
Quentin Gliech
33480bd98b Simplify the URL displayed on compatibility SSO logins 
See #1638
 2023-08-31 10:54:29 +02:00
Kerry Archibald
c51f062423 useMemo instead of ref 2023-08-31 09:41:35 +02:00
Kerry Archibald
e6be3c0931 improve error message 2023-08-31 09:41:35 +02:00
Kerry Archibald
d3903f9692 get session and display as session tile on session detail page 2023-08-31 09:41:35 +02:00
Kerry Archibald
ad9a27e3fe stubbed route with userid 2023-08-31 09:41:35 +02:00
Kerry Archibald
897cb6815d add session detail route 2023-08-31 09:41:35 +02:00
Kerry Archibald
1d011c0905 rename session route to browser-sessions 2023-08-31 09:41:35 +02:00
Kerry
886688a770 Make Profile page the default route (#1653) 
* make profile the default route

* src/pages/Home.tsx -> src/pages/SessionsOverview.tsx

* UserHome -> UserSessionsOverview

* update snapshots, fix session overview button alignment
 2023-08-30 23:27:39 +00:00
dependabot[bot]
d0eca1a51a build(deps-dev): bump postcss from 8.4.28 to 8.4.29 in /frontend 
Bumps [postcss](https://github.com/postcss/postcss) from 8.4.28 to 8.4.29.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.4.28...8.4.29)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-30 20:22:57 +02:00
dependabot[bot]
f744b72b86 build(deps-dev): bump prettier from 3.0.2 to 3.0.3 in /frontend 
Bumps [prettier](https://github.com/prettier/prettier) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/3.0.2...3.0.3)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-30 20:00:45 +02:00
dependabot[bot]
d0c759ab83 build(deps-dev): bump happy-dom from 10.11.1 to 10.11.2 in /frontend 
Bumps [happy-dom](https://github.com/capricorn86/happy-dom) from 10.11.1 to 10.11.2.
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v10.11.1...v10.11.2)

---
updated-dependencies:
- dependency-name: happy-dom
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-30 19:42:09 +02:00
Kerry Archibald
d5ebf7d24f move unverified email alert to header 2023-08-30 19:40:59 +02:00
Kerry Archibald
2dee85a7dc add button-style variant to Link 2023-08-30 19:40:59 +02:00
Quentin Gliech
38eacbebc1 Run the registration policy on upstream OAuth registration 2023-08-30 19:39:39 +02:00
Quentin Gliech
86d40b0345 Make sure we validate passwords & emails by the policy at all stages 
Also refactors the way we get the policy engines in requests
 2023-08-30 19:39:39 +02:00
Quentin Gliech
3c33923d2c policies: split the email & password policies and add jsonschema validation of the input 2023-08-30 19:39:39 +02:00
Quentin Gliech
b783b5457e tracing: set the parent context from the incoming request again 2023-08-29 18:50:54 +02:00
dependabot[bot]
d06064219c build(deps): bump the opentelemetry group with 1 update 
Bumps the opentelemetry group with 1 update: [tracing-opentelemetry](https://github.com/tokio-rs/tracing-opentelemetry).

- [Release notes](https://github.com/tokio-rs/tracing-opentelemetry/releases)
- [Changelog](https://github.com/tokio-rs/tracing-opentelemetry/blob/v0.1.x/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/tracing-opentelemetry/compare/v0.20.0...v0.21.0)

---
updated-dependencies:
- dependency-name: tracing-opentelemetry
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: opentelemetry
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 18:50:54 +02:00
Quentin Gliech
06afab203e frontend: fix a flaky test 2023-08-29 18:32:19 +02:00
Quentin Gliech
4203d45a4e graphql: Expose the BrowserSession User-Agent 2023-08-29 17:38:01 +02:00
Quentin Gliech
fb246508b2 Store the browser user-agent when starting a browser session 2023-08-29 17:38:01 +02:00
Quentin Gliech
cb017c6436 graphql: Always make the associated SSO login available in compatibility sessions 2023-08-29 16:53:38 +02:00
Quentin Gliech
e80aa8b311 graphql: API to query client sessions out of a device_id and a user ID 2023-08-29 16:53:38 +02:00
Quentin Gliech
df474f9e55 storage: Look up compat sessions by device_id 2023-08-29 16:53:38 +02:00
Quentin Gliech
42cb190ab6 storage: Allow filtering oauth2 sessions by scope 2023-08-29 16:53:38 +02:00
Kerry
c43691532c Allow user to view and change display name in My Account UI (#1628) 
Co-authored-by: Quentin Gliech <quenting@element.io>
 2023-08-29 13:40:00 +02:00
Quentin Gliech
e8b2ab8df1 Add the user_id directly on oauth2_sessions and make the scope a text list 2023-08-29 12:52:24 +02:00
Kerry Archibald
bbb59e70d2 add finishedAt to browser sessions 2023-08-29 12:43:04 +02:00
Quentin Gliech
d1c041cfad api: Add a finishedAt property to the BrowserSession and a state property to all 3 session types 2023-08-29 08:34:07 +02:00
Quentin Gliech
6c6f121146 Fix sentry transport post-upgrade 2023-08-29 08:23:26 +02:00
dependabot[bot]
08b8401b99 build(deps): bump the sentry group with 1 update 
Bumps the sentry group with 1 update: [sentry](https://github.com/getsentry/sentry-rust).

- [Release notes](https://github.com/getsentry/sentry-rust/releases)
- [Changelog](https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-rust/compare/0.31.5...0.31.6)

---
updated-dependencies:
- dependency-name: sentry
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: sentry
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 08:23:26 +02:00
dependabot[bot]
c1aea1197f build(deps): bump schemars from 0.8.12 to 0.8.13 
Bumps [schemars](https://github.com/GREsau/schemars) from 0.8.12 to 0.8.13.
- [Release notes](https://github.com/GREsau/schemars/releases)
- [Changelog](https://github.com/GREsau/schemars/blob/master/CHANGELOG.md)
- [Commits](https://github.com/GREsau/schemars/compare/v0.8.12...v0.8.13)

---
updated-dependencies:
- dependency-name: schemars
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 08:00:46 +02:00
dependabot[bot]
81fa7e0750 build(deps): bump rustls from 0.21.6 to 0.21.7 
Bumps [rustls](https://github.com/rustls/rustls) from 0.21.6 to 0.21.7.
- [Release notes](https://github.com/rustls/rustls/releases)
- [Commits](https://github.com/rustls/rustls/compare/v/0.21.6...v/0.21.7)

---
updated-dependencies:
- dependency-name: rustls
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 08:00:31 +02:00
dependabot[bot]
b9bceed881 build(deps-dev): bump @types/node from 20.5.6 to 20.5.7 in /frontend 
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 20.5.6 to 20.5.7.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 07:27:04 +02:00
Kerry
71dd531830 Browser session UI (#1616) 
* tweak blocklist spacing

* use same session design for browser sessions

* remove change to session

* remove unused class
 2023-08-29 00:07:48 +00:00
dependabot[bot]
282847a119 build(deps): bump clap from 4.4.0 to 4.4.1 
Bumps [clap](https://github.com/clap-rs/clap) from 4.4.0 to 4.4.1.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.4.0...v4.4.1)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 00:10:05 +02:00
dependabot[bot]
1c4f4ef069 build(deps): bump docker/setup-buildx-action from 2.9.1 to 2.10.0 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.9.1 to 2.10.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2.9.1...v2.10.0)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 00:09:30 +02:00
dependabot[bot]
9017e76bcd build(deps-dev): bump happy-dom from 10.11.0 to 10.11.1 in /frontend 
Bumps [happy-dom](https://github.com/capricorn86/happy-dom) from 10.11.0 to 10.11.1.
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v10.11.0...v10.11.1)

---
updated-dependencies:
- dependency-name: happy-dom
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 00:09:10 +02:00
Quentin Gliech
1283e78f18 Cache the upstream OAuth 2.0 provider metadata 2023-08-28 18:30:40 +02:00